Information Security GRC Specialist for a Financial Institution (5-10 Years)

Job Posting by Sheralynn Tjioe, Associate Director (Cyber Security and GRC) Recruitment at Charterhouse Asia SheralynnT@charterhouse.com.sg Information Security GRC Specialist for a Financial Institution (5-10 Years) The Information Security GRC Specialist is responsible for overseeing Information Security compliance assessments across the organisation’s technology infrastructure. This role ensures that critical security controls are implemented effectively, aligned with industry standards and internal policies, to safeguard the organisation’s assets and reduce security risks. *Must be a specialist in Information Security RESPONSIBILITIES: Evaluate Security Processes: Conduct in-depth assessments of essential Information Security processes, including Patch Management and Open-Source Vulnerability Management, across technology systems. Ensure that necessary security controls are in place to effectively mitigate risks. Collaborate Across Teams: Partner with IT, operations, and security teams to identify, prioritize, and resolve vulnerabilities within production environments. Act as a liaison between technical and non-technical teams, ensuring security issues are addressed promptly and clearly communicated. Monitor Vulnerability Resolution: Track the progress of vulnerability remediation efforts, ensuring timely resolution according to deadlines. Conduct follow-up checks to verify that corrective actions are successfully implemented and all risks are mitigated. Reporting & Communication: Provide regular updates and detailed reports to risk management committees, highlighting outstanding vulnerabilities, their potential impact, and the status of remediation efforts. Keep senior leadership informed about critical security gaps. Risk Monitoring & Control: Track and report on Key Risk Indicators (KRIs) to assess the organisation’s exposure to security risks. Conduct Risk Control Self-Assessments (RCSAs) to ensure existing controls are effective and mitigate risks. Support Security Initiatives: Contribute to various security-related projects, including audits, process improvements, policy updates, and compliance efforts, to continually enhance the organisation’s overall security posture. REQUIREMENTS: Educational Background: Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or a related field. Experience: Minimum of 5 years in managing internal controls within an IT security environment, with a strong focus on compliance and security best practices. Regulatory Knowledge: Strong understanding of local regulatory requirements and cybersecurity frameworks, such as MAS TRMG Guidelines and Cyber Security Hygiene standards. Certifications: IT security or related certifications (e.g., CISSP, CCNA, CEH) are highly desirable. Cybersecurity Awareness: Excellent awareness of current trends and developments in the cybersecurity field, with a proactive approach to staying informed on emerging threats and solutions. Collaboration Skills: Strong teamwork and communication skills, with the ability to manage detailed work and remain calm under pressure. Self-Starter: Highly self-motivated with the ability to manage multiple tasks, meet deadlines, and work independently in a fast-paced environment. Please contact Sheralynn Tjioe at SheralynnT@charterhouse.com.sg for a confidential discussion. EA License no: 16S8066 | Reg no.: R1878306 Only successful candidates will be notified.